Europäisches Patentamt
European Patent Office
Office européen des brevets

Publication number: 0 424 415 B1

EUROPEAN PATENT SPECIFICATION

Date of publication of patent specification: 02.02.94
Int. Cl.5: H04K 3/00
Application number: 89907333.2
Date of filing: 03.07.89
International application number: PCT/NO89/00070
International publication number: WO 90/00840 (25.01.90 90/03)

SYSTEM FOR PROTECTING DIGITAL EQUIPMENT AGAINST REMOTE ACCESS.

Priority: 05.07.88 NO 882982
Date of publication of application: 02.05.91 Bulletin 91/18
Publication of the grant of the patent: 02.02.94 Bulletin 94/05
Designated Contracting States: AT DE FR GB NL SE
References cited: EP-A- 0 240 328; WO-A-87/05437; US-A- 4 006 478
Proprietor: SYSTEM SIKKERHET A/S, Longum Park, N-Moland (NO)
Inventor: HOIVIK, Lars, Vesthellinga 24, N-1315 Nesøya (NO)
Representative: Mossmark, Anders et al, Albihn West AB, Box 142, S-401 22 Göteborg (SE)

Note: Within nine months from the publication of the mention of the grant of the European patent, any person may give notice to the European Patent Office of opposition to the European patent granted. Notice of opposition shall be filed in a written reasoned statement. It shall not be deemed to have been filed until the opposition fee has been paid (Art. 99(1) European Patent Convention).






Description 

Data security is today in focus at the same time as EDP is being increasingly introduced into new fields of use. Often there may be large amounts of information collected in a single system. The information contained in an electronic data processing plant is usually protected by conventional methods such as security zones, code words and restricted access.

A potential source of leakage which has not attracted much attention, apart from defence applications, is electromagnetic radiation from peripheral equipment, for example terminals and printers. The only method employed today is screening, and such equipment is normally referred to as TEMPEST protected. Such equipment is available on the market today and is accepted for defence use. A drawback is the high expense connected with this protection: the price of most of the products is doubled thereby. Besides, there are a limited number of producers which supply such equipment. In recent times there have appeared new, interesting fields of use. Requirements for protection of individuals and economic values will lead to stricter demands with respect to security in all types of computer systems, against unauthorized access and corruptive stray radiation.

The problem of electromagnetic radiation from computer equipment is largest in peripheral equipment such as computer screens and printers. The reason for this is that in this type of equipment the information is presented in serial form. Data terminals which do not store the picture on the screen have a continuous updating of the screen picture. Usually this is repeated at a frequency of 25 Hz or more. Therefore it is possible by means of relatively simple detection equipment to pick up a radiated signal with an antenna and a receiver. The signal can then be reproduced by simple processing.

It is previously known that protection against remote detection of corruptive radiation can be obtained by emitting a masking signal in the form of white noise. In order to obtain the desired effect in this manner, it is necessary to have comparatively high power in the masking signal compared to the unintended radiation and corruptive information signal from the equipment concerned. Moreover there are a number of other problems related to such protection or masking, among other things because in part one operates in the near field of the source of radiation. It is then difficult and expensive to obtain a uniform omnidirectional radiated power. No simple antenna can do this, but on the other hand, it is to be remarked that nor does peripheral computer equipment constitute any omnidirectional source of radiation.

For protecting against leakage or corruption of information being printed by a matrix printer, it is known from DE-A-2 838 600 to employ a compensation signal generated in such a way that the sum of this compensation signal and the printing signal in the matrix printer, is constant. Accordingly the total emitted radiation from the equipment will be constant, which makes it difficult to detect the actual information signal. The compensation signal is generated by compensation units which electrically shall correspond to the separate circuits which serve to activate the individual needles in the printer mechanism. In addition to being rather complicated and cumbersome it is obvious that this known method is intimately related to the form of matrix printer concerned, so that the method among other things is not useful in connection with screen terminals.

Also EP-A-0 069 831 relates to a method for the purpose of avoiding corruptive radiation from data equipment. The solution described is to a large extent analogous to what is described in the above German patent specification. Both methods involve significant intervention into the equipment concerned, for which protection is desired, or even a completely integrated or built-in protective device in the computer equipment.

An object of the present invention is to obtain protection which can be provided comparatively easily in connection with existing data equipment at the same time as it can be integrated in a relatively simple and inexpensive manner into new equipment being produced. Moreover it is an object of the invention to provide a system which in a better and more flexible way affords protection against remote access to digital equipment which emits stray electromagnetic radiation.

Current types of such digital equipment operate with digital signals under clock control and are based on the representation of a given set of characters. From the above it has appeared that for masking or protection it is known to employ means for emitting protective electromagnetic radiation covering the frequency spectrum of said stray radiation.

In short this invention provides for the masking of corruptive radiation from computer equipment by emitting a coded masking signal which together with the actual information-carrying and corruptive signal will form a modified corruptive signal which to a high degree makes it difficult to detect or remotely access the information.

When the masking signal has the same or similar characteristic properties as the unintentionally radiated signal, there is obtained a good protective effect. In this connection it is an important feature that the masking comprises emission of a series of random character and letter combinations selected from a set of characters being equal to or corresponding to at least a portion of the character set which is given and is used for information processing or presentations in the data equipment concerned, and which can have the same statistical properties as the corruptive signal.

Statements defining the system according to the invention as well as the novel and specific features thereof, are found in the claims. In the following description the invention will be explained more closely with reference to the drawings, in which:

Figure 1 shows a simplified block diagram of a protection system according to the invention,
Figure 2 shows examples of typical signal shapes with protection by means of a system according to figure 1, and
Figure 3 illustrates signal shapes with an additional and advantageous amplitude modulation according to an embodiment of the invention.

In figure 1 there is shown a digital unit or data equipment unit in the form of a terminal 1 and an associated system for protection against corruptive radiation from the terminal 1, in the form of a module generally denoted 10. The radiation from the terminal 1 is indicated at 2.

The terminal 1 emits corruptive radiation 2 of a relatively broadband nature, from 50 Hz to several MHz. Since the signal propagation in the terminal is essentially synchronous, the corruptive radiation from the various components will also be synchronous. Further the radiation is primarily radiated from the electronic circuits which generate characters on the screen.

The protection module 10 shown comprises as main components a micro-processor 13 and a store 14 containing one or two tables to be described more closely below. In the module 10 there is further included a digital-analog converter 15, a modulator 16 and a high frequency generator 18 which emits protective or masking radiation through an antenna 19. The units or circuits 15, 16 and 18 can be considered to constitute the drive means for digital signals to be radiated from the antenna 19. In the module 10 there is additionally provided a synchronizing unit 12 which through a connection 11 is adapted to receive a reference signal from the terminal 1, and which on the other hand supplies a clock signal to the micro-processor 13.

Accordingly synchronism of the protective signal is secured in that the module 10 is controlled by the reference clock signal taken from the terminal 1. In the synchronizing unit 12 this signal is converted to the clock signal in the protection module. In order to adjust the phases of the protective and the corruptive radiation, the clock signal can be phase-shifted so that both signals are in phase.

The protection module is built up around the micro-processor 13 which quite at random selects which character the protective signal shall represent, modulates the signal and administrates the emission of the protective radiation 20.

In order that the protective radiation 20 shall have an optimal effect, the signatures of all characters which can be presented by the terminal 1 on its screen are stored in a register, i.e. the store 14, in the form of a so-called character table I containing codes for the choice of characters concerned. The processor 13 will then read out one of these codes when a protective signal is to be emitted.

The most important property of the protective signal, in addition to being analogous or identical in nature to the corruptive radiation, is that the characters emitted are selected in a completely random order or have a statistical distribution of characters corresponding to the radiated signal. This is obtained in that the micro-processor 13 in its programme table has stored an algorithm which generates a random sequence, which can take place in a manner which is known per se. If it is desired to avoid the repetition of the same sequence each time the equipment is started up, there can be utilized a circuit for generating a statistically random starting point.

In addition to the character generator or table I there is also included a second table II for generating (modulating) the strength of the signal emitted. In order to obtain the best protection it is desirable that the masking signal be amplitude modulated. This is done by entering into the second table II and reading out the signal strength of the character to be emitted. This is sensed by the micro-processor 13 and when this information has been associated with the selected character, the micro-processor is ready to emit the protective signal.

The signal is supplied in a digital form to the digital-analog converter 15 which generates a modulation signal. The modulator 16 serves to have the signal from the RF generator 18 amplitude modulated and emitted from the antenna 19. The RF generator 18 can be a small solid-state source with tuned output power adjusted to the radiation of the terminal.

The protective signal 20 is radiated for example from an omnidirectional antenna 19 integrated into the protection module 10. Thus the output power is matched to the radiation level of the corruptive radiation from the terminal 1.

Figure 2 shows signal shapes as a function of time for illustrating the manner of operation of a system as shown in figure 1. The amplitudes AMP are shown in arbitrary units. The modulation of the signal reflects the binary character levels. More closely there is shown at 2A an example of an unintentionally radiated high frequency signal from data equipment such as the terminal 1 in figure 1, whereas at 2B there is illustrated a typical masking signal included in the protective radiation 20 from the module 10. This masking signal contains random character combinations which together with the signal mentioned above, results in a total radiated signal as shown at 2C. In this total signal the two signals mentioned above are combined in such a manner that even the most advanced remote detection equipment will hardly be able to detect the actual information for which protection is desired.

It will be realized that if the masking signal is too weak, the effect thereof may be suppressed, which means that the masking signal must have a certain minimum strength. Further it will be realized that a stable masking signal having a constant strength or amplitude, may involve uncertainty with respect to the effect of the masking and thereby the protection. Therefore according to the invention it has been found to be an advantage to modulate the masking signal as illustrated in figure 3. The superimposed amplitude modulation gives a further improved protection by the system.
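
The masking scheme of figures 1 to 3, modelled in software as an added example that is not part of the patent: module 10 draws a random character from table I and a strength from table II for every character slot, the mask is added in phase to the terminal's signal (2A + 2B = 2C), and a simple receiver's recovery rate is measured with and without the mask. The 8-bit ASCII signatures, the three table II strengths, the nearest-template receiver and all function names are assumptions made for illustration.

```python
import random
import string

# Assumption: 8-bit ASCII bit patterns stand in for the character "signatures";
# the patent does not specify how a signature is encoded.
TABLE_I = string.ascii_uppercase + string.digits + " "   # character table I
TABLE_II = (1.0, 1.25, 1.5)   # table II strengths relative to the terminal (assumed values)


def signature(ch):
    """Bit levels (MSB first) one character produces on the serial line."""
    return [(ord(ch) >> i) & 1 for i in range(7, -1, -1)]


def masking_signal(n_chars, rng):
    """Module 10: one random character (table I) and strength (table II) per slot."""
    out = []
    for _ in range(n_chars):
        ch = rng.choice(TABLE_I)
        amp = rng.choice(TABLE_II)
        out.append([amp * b for b in signature(ch)])
    return out


def radiated(text, mask=None):
    """Stray signal 2A, or 2A plus the synchronous, in-phase mask 2B (total 2C)."""
    frames = [signature(ch) for ch in text]
    if mask is None:
        return [[float(b) for b in f] for f in frames]
    return [[s + m for s, m in zip(f, mf)] for f, mf in zip(frames, mask)]


def simple_receiver(frames):
    """Nearest-template decoder standing in for 'simple detection equipment'."""
    templates = {ch: signature(ch) for ch in TABLE_I}

    def dist(frame, tpl):
        return sum((x - t) ** 2 for x, t in zip(frame, tpl))

    return "".join(min(TABLE_I, key=lambda ch: dist(f, templates[ch])) for f in frames)


def recovery_rate(text, decoded):
    """Fraction of character slots the receiver got right."""
    return sum(a == b for a, b in zip(text, decoded)) / len(text)


def run_trial(n_chars=2000, seed=None):
    # seed=None draws from the OS entropy source, the software analogue of the
    # "statistically random starting point"; a fixed seed is for repeatable tests only.
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    text = "".join(rng.choice(TABLE_I) for _ in range(n_chars))  # constructed screen content
    clear = recovery_rate(text, simple_receiver(radiated(text)))
    mask = masking_signal(n_chars, rng)
    masked = recovery_rate(text, simple_receiver(radiated(text, mask)))
    return clear, masked


if __name__ == "__main__":
    clear, masked = run_trial(seed=1989)
    print(f"characters recovered without mask: {clear:.0%}, with mask: {masked:.0%}")
```

Because the mask uses the same signatures as the protected signal, the receiver frequently locks onto the mask character or a mixture of the two instead of the displayed one.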

In any detection process the sorting out and suppression of irrelevant information is a problem. In order to additionally improve the protective effect when using the system according to the invention, the masking signal is emitted continuously when the digital equipment, possibly data equipment, is turned on. Even though such equipment is not in operation a continuous stream of randomly selected masking signals will bring any remote detection system to saturation, and thereby more or less make it impossible to detect the information for which protection is desired. With such utilization of this system there will be obtained a mutual protection when several different data equipment units in the same premises or location are provided with systems according to the invention. In many cases there will then be need for only a couple of masking systems in order to protect several data plants or units, even though these are not operating synchronously.

Claims 

1. System for protection against remote access to digital equipment (1) emitting stray electromagnetic radiation (2) and operating with digital signals under clock control and being based on the representation of a given set of characters, comprising means (18, 19) for emitting protective electromagnetic radiation covering the frequency spectrum of said stray radiation, characterized by a store (14) for a character set comprising at least some of the characters in said given set of characters, means (13) for selecting characters in random order from the store (14), drive means (15, 16, 18) to which the selected characters are applied and which is adapted to generate digital signals corresponding to the selected characters and modulated in a manner corresponding to the digital signals of the equipment (1) so as to be of substantially the same nature as these, a synchronizing unit (12) for substantially synchronizing said generated digital signals with the digital signals of the equipment (1), and the drive means (15, 16, 18) being adapted to preferably continuously emit the generated digital signals to an antenna (19) for radiating corresponding protective electromagnetic radiation.

2. System according to claim 1, characterized in that the drive means (15, 16, 18) have a coupling (11, 12, 13) to the clock control of the equipment (1).

3. System according to claim 1 or 2, characterized in that said synchronizing unit (12) comprises the phase of the digital signals.

4. System according to any one of claims 1 to 3, characterized in that the means (18, 19) for emitting the protective electromagnetic radiation are adapted to operate within a limited frequency band which overlaps the frequency spectrum of said stray radiation.

5. System according to any one of claims 1 to 4, characterized in that the drive means (15, 16, 18) are adapted to give the generated digital signals an amplitude modulation (16) in addition to said modulation in a manner corresponding to the digital signals of the equipment (1).

Claims (translated from the German text)

1. Protection system against remote access to digital equipment (1) which emits stray electromagnetic radiation (2), operates with digital signals under clock control and is based on the representation of a given character set, the system having means (18, 19) for emitting protective electromagnetic radiation which covers the frequency spectrum of the stray radiation, characterized by a store (14) for a character set comprising at least some of the characters of the given character set, by means (13) for selecting characters in random order from the store (14), by drive means (15, 16, 18) to which the selected characters are applied and which is designed to generate digital signals which correspond to the selected characters and are modulated in a manner corresponding to the digital signals of the equipment (1), so that they are of substantially the same nature as these, by a synchronizing unit (12) for substantially synchronizing the generated digital signals with the digital signals of the equipment (1), and wherein the drive means (15, 16, 18) is designed to emit the generated digital signals, preferably continuously, to an antenna (19) for radiating corresponding protective electromagnetic radiation.

2. System according to claim 1, characterized in that the drive means (15, 16, 18) has a connection (11, 12, 13) to the clock control of the equipment (1).

3. System according to claim 1 or 2, characterized in that the synchronizing unit (12) has the phase of the digital signals.

4. System according to any one of claims 1 to 3, characterized in that the means (18, 19) for emitting the protective electromagnetic radiation is designed to operate within a limited frequency band which overlaps the frequency spectrum of the stray radiation.

5. System according to any one of claims 1 to 4, characterized in that the drive means (15, 16, 18) is designed to give the generated digital signals an amplitude modulation (16) in addition to the modulation in a manner corresponding to the digital signals of the equipment (1).

Claims (translated from the French text)

1. System for protecting digital equipment (1) against remote access, the equipment emitting stray electromagnetic radiation (2) and operating with digital signals under clock control and being based on the representation of a given set of characters, comprising a device (18, 19) for emitting protective electromagnetic radiation covering the frequency spectrum of said stray radiation, characterized by a store (14) for a character set comprising at least some of the characters of said given set of characters, a device (13) for selecting characters in random order from the store (14), a drive device (15, 16, 18) to which the selected characters are applied and which is adapted to generate digital signals corresponding to the selected characters and modulated in a manner corresponding to the digital signals of the equipment (1) so as to be substantially of the same nature as these, a synchronizing unit (12) for substantially synchronizing said generated digital signals with the digital signal of the equipment (1), and the drive device (15, 16, 18) being adapted to emit the generated digital signals, preferably continuously, to an antenna (19) for emitting corresponding protective electromagnetic radiation.

2. System according to claim 1, characterized in that the drive devices (15, 16, 18) have a coupling (11, 12, 13) for controlling the clock of the equipment (1).

3. System according to claim 1 or 2, characterized in that said synchronizing unit (12) comprises the phase of the digital signals.

4. System according to any one of claims 1 to 3, characterized in that said devices (18, 19) for emitting the protective electromagnetic radiation are adapted to operate in a limited frequency band which overlaps the frequency spectrum of said stray radiation.

5. System according to any one of claims 1 to 4, characterized in that the drive devices (15, 16, 18) are adapted to give the generated digital signals an amplitude modulation (16) in addition to said modulation in a manner corresponding to the digital signals of the equipment (1).